The fallout from the Office of Personnel Management (OPM) data hack continues, as a contentious congressional hearing led to calls for the resignation of the OPM’s leader. Members of a house committee attacked the OPM chief, claiming she is responsible for the data security failures that appear to have led to the hacking of OPM systems by what are presumed to be Chinese hackers.
But perhaps we need to step back and consider if this is a meaningful response. Certainly, as head of the agency, the director is ultimately responsible for incidents that occur during her tenure as boss. However, as with most issues related to the operation of the government, the truth may be far more complex and for Congress, uncomfortable.
One of the questioners at the hearing demanded to know why systems with security vulnerabilities and which lacked the ability to be encrypted were not shut down. One could only wish that the congressman’s paychecks were tied to one of these systems.
The age of these computer systems and other factors likely contributed to their vulnerability. The real question is why was this so? Was it because no one in the agency recognized the risk?
Or was it because OPM, like virtually every other federal agency has been the victim of Congressional grandstanding and yearly budgetary restrictions and poor decision making, like the sequestration, which have forced agencies and their employees to struggle along and attempt to patch and “make do” with antiquated hardware and software, and do it shorthanded.
The root cause of many of these problems is likely to lie with Congress and its unwillingness to adequately fund essential government functions. OPM cannot simply shut down systems that affect the payroll and personnel matters of hundreds of thousands of federal employees, when Congress has refused to ensure there is something in place to handle those demands.
Source: npr.com, “Data Hack Leads To Call For OPM Chief’s Resignation,” Brian Naylor, June 16, 2015